Now that the dust is settling from the Equifax breach, it’s time to ask about smarter security. Why aren’t more companies moving to biometrics? Steven Bridgeland gives us five popular misconceptions that keep enterprises from turning to biometric authentication.

Now that the dust is settling from the Equifax breach and 140 million Americas have all frozen their credit (you have frozen it, haven’t you? If not, go here right now. We’ll wait.), it is time to ask the question, “Why haven’t we gotten rid of PINs and passwords by now???”

At Nuance, we have been moving companies to biometric authorization for years all the while showing how biometrics are more secure, make customers more satisfied and save money for the enterprise. I am proud to say that scores of companies are rolling out Nuance biometric authentication and we have yet to have a security breach where the data is compromised.

With all that, why aren’t more companies moving to biometrics? I’ve pulled several reasons that I hear many times a week. Do any of these sound familiar?

It is too expensive. (Is there an ROI?)

While I completely understand this rationale, it is just that, a rationale. If you knew that by spending $10 today you would get $20 tomorrow, you would do that (even if you must borrow $10 to invest.) The return on investment (ROI) for biometric authentication is the equivalent of investing in your company and getting the returns you expect. With biometric authentication you will gain:

Yes, it costs money, yet these four benefits (and more I haven’t mentioned) return that investment back on average in 14 months. After that it is all pure profit (or actually, less cost and happier customers – which profits everyone).

I’ve heard it is not secure. Wasn’t there a biometric hack, and now criminals have access to fingerprints?

I heard about the Office of Personnel Management hack in 2015 from my brother, who was a victim. In that hack, actual images of fingerprints were stolen, and the scare is that using these images, criminals would be able to create “fake fingers” that could log into secure government sites. Scary proposition, but the problem wasn’t just lax security but also poor security design. Under no circumstances should actual images (in the case of fingerprint or facial recognition) or audio files (in the case of voice biometrics) be stored in a database, much less stored near personal, identifiable information.

When we implement a biometric authentication solution from Nuance, all biometric information is converted into a mathematical algorithm which the server stores in an encrypted voiceprint. When authentication is needed, that voiceprint on file is compared to a voiceprint made in real-time from the speaker’s voice. The beauty of the system is that a hacker can never recreate the voice of the person from their voiceprint (unlike the fingerprint image example above.) Even if they hacked the system, they couldn’t use what they stole!

Companies must rely on customers enrolling, and that is doomed to failure

One of the objections I have heard recently (due in no small part to competitive FUD) is that customers won’t enroll in the voice system, so any investment is not going to show benefit. This rumor has been around for years, and there is some truth in it. (gasp) When a company implements their security in a way that impedes the customer’s endeavors or is just a pain to use, customers bail out. Fortunately, we have been in the business for years and are very good at designing and planning for a successful rollout. Using some training and best practices, most businesses will see quick uptake that will prove ROI in as little as 14 months. See a past blog post here for a few more things that might prevent a successful rollout. In addition, Opus Research wrote a nice whitepaper about many different issues to address in a rollout.

Let’s work together

About Steven Bridgeland

Steven Bridgeland joined Nuance in 2016 as senior solutions marketing manager for all things Voice Biometrics. Before joining Nuance, Steven worked in various product management and marketing positions at Microsoft, Sesame Communications and others. Steven Has an MBA from Yale School of Management and is a loyal Spartan from Michigan State University.